> I wonder why they're using WiFi signals instead of just analyzing the video feeds from their surveillance systems. It would probably glean the same information.
With WiFi signals they can uniquely identify a single customer (by MAC) without having to rely on facial recognition or complex image processing. I'm guessing that's the reason.
Ah, that makes sense. Don't know how I feel about being uniquely identified though. I thought they were just gathering things like movements and gender.
Only your device MAC is collected though, to track things like repeat visits, so I think it's similar to how websites track your IP. There is no "database" today to associate the device MAC back to any personal information.
"There is no "database" today to associate the device MAC back to any personal information."
You can _say_ that, but the marketing-hacker in me is already thinking about how to hook the wifi MAC address to the credit card payment database, and how to run in-store specials "Like us on Facebook via our free wifi to get $super-special-deal!"
I think saying "There is no "database" today … " is disingenuous at best. I would bet with 100% certainty that someone, somewhere, has been collecting and correlating MAC addresses and individual's identities, and is almost certainly selling access to exactly that database.
(Cynical thought, what're the chances that Apple aren't, right now, already doing realtime lookups on the purchase histories of the original owners of wifi capable iOS device that arrive in their stores with the wifi switched on?)
I should've clarified - there is no database today that is accessible to retailers and/or tracking software vendors. Device vendors like Apple certainly have a database that maps device UDID/MAC to your personal information, but they are very serious about protecting it. Today :)
In the better retail video systems, video is time-synced with the registers. I'm not sure how many are doing it right now, but indoor tracking and indoor mapping people would be foolish to not sync their data with the registers as well.
Put another way...
It is a trivial matter to know that it was your phone at the register when your debit card was used.
But they would still only have MAC address and charge, credit or debit card info.
Electronic payments are an entirely separate issue and there ought to be strong legal requirements preventing retailers and credit card companies from sharing data about people's purchases. Or, better yet, anonymous electronic cash like BitCoin.
While the invasiveness of a database of purchases linked to identities by credit card is substantial, it is orthogonal to the collection of how the user walked through the store. That hardly adds any additional value for anyone when it's just one datapoint. It's completely useless to insurance companies, maybe useful in aggregate to other stores. The point is to more effectively lay out displays to drive impulse purchases from people in aggregate. It would not be in Target's interest to let Wal-Mart know what the traffic pattern is in a Target.
If you are not already disclosing the fact that you shopped at the store by using a credit card, then there is nothing to tie your MAC address to your identity.
iOS and Android devices send a WiFi "ping" every so often - I believe this is done to improve locationing accuracy, by augmenting GPS data with WiFi signal strength data. You can read these pings from any AP, even if the device is not associated with the AP. You'll only get the device MAC, but that's enough to tell you the device make and get a unique ID on the customer.
And remember to turn off Bluetooth as well - the wifi and bluetooth MAC addresses are sequential - if you see one you know the other.
More paranoidly… A femtocell could fool your phone into revealing your phone number over the GSM/CDMA transmitter's channel. If I were involved in some extremely high value sale where the identity of potential purchasers was not always known, and where knowing it earlier might help close a sale (perhaps real estate or luxury cars?) - it'd be _so_ tempting to at least trial soemthing borderline-evil like that. (And now I'm inventing a small network of femtocells with directional antennas in white vans parked outside competitors - to track which of your potential customers are visiting which competitors…)
With WiFi signals they can uniquely identify a single customer (by MAC) without having to rely on facial recognition or complex image processing. I'm guessing that's the reason.